From caac13d3002cc320bdd64628bf2ef344a300b855 Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: Tue, 21 Jan 2020 18:00:04 -0500 Subject: [PATCH] import polkit-0.115-11.el8 --- SOURCES/polkit-0.115-allow-uid-of-1.patch | 20 +++ .../polkit-0.115-jsauthority-memleak.patch | 19 +++ SOURCES/polkit-0.115-move-to-mozjs60.patch | 148 ++++++++++++++++++ ...115-pkttyagent-tcsaflush-batch-erase.patch | 12 ++ ....115-pkttyagent-tty-echo-off-on-fail.patch | 94 +++++++++++ SPECS/polkit.spec | 35 ++++- 6 files changed, 324 insertions(+), 4 deletions(-) create mode 100644 SOURCES/polkit-0.115-allow-uid-of-1.patch create mode 100644 SOURCES/polkit-0.115-jsauthority-memleak.patch create mode 100644 SOURCES/polkit-0.115-move-to-mozjs60.patch create mode 100644 SOURCES/polkit-0.115-pkttyagent-tcsaflush-batch-erase.patch create mode 100644 SOURCES/polkit-0.115-pkttyagent-tty-echo-off-on-fail.patch diff --git a/SOURCES/polkit-0.115-allow-uid-of-1.patch b/SOURCES/polkit-0.115-allow-uid-of-1.patch new file mode 100644 index 0000000..9500a5d --- /dev/null +++ b/SOURCES/polkit-0.115-allow-uid-of-1.patch @@ -0,0 +1,20 @@ +diff -up ./src/polkit/polkitunixprocess.c.ori ./src/polkit/polkitunixprocess.c +--- ./src/polkit/polkitunixprocess.c.ori 2019-02-06 16:47:23.460666237 +0100 ++++ ./src/polkit/polkitunixprocess.c 2019-02-06 16:47:43.846573792 +0100 +@@ -211,14 +211,9 @@ polkit_unix_process_set_property (GObjec + polkit_unix_process_set_pid (unix_process, g_value_get_int (value)); + break; + +- case PROP_UID: { +- gint val; +- +- val = g_value_get_int (value); +- g_return_if_fail (val != -1); +- polkit_unix_process_set_uid (unix_process, val); ++ case PROP_UID: ++ polkit_unix_process_set_uid (unix_process, g_value_get_int (value)); + break; +- } + + case PROP_START_TIME: + polkit_unix_process_set_start_time (unix_process, g_value_get_uint64 (value)); diff --git a/SOURCES/polkit-0.115-jsauthority-memleak.patch b/SOURCES/polkit-0.115-jsauthority-memleak.patch new file mode 100644 index 0000000..f356cc1 --- /dev/null +++ b/SOURCES/polkit-0.115-jsauthority-memleak.patch @@ -0,0 +1,19 @@ +commit 28e3a6653d8c3777b07e0128a0d97d46e586e311 +Author: Jan Rybar +Date: Tue Oct 8 13:28:18 2019 +0000 + + jsauthority: Fix two minor memory leaks + +diff --git a/src/polkitbackend/polkitbackendjsauthority.cpp b/src/polkitbackend/polkitbackendjsauthority.cpp +index 9b752d1..e97b8aa 100644 +--- a/src/polkitbackend/polkitbackendjsauthority.cpp ++++ b/src/polkitbackend/polkitbackendjsauthority.cpp +@@ -567,6 +567,8 @@ polkit_backend_js_authority_finalize (GObject *object) + g_strfreev (authority->priv->rules_dirs); + + delete authority->priv->ac; ++ delete authority->priv->js_global; ++ delete authority->priv->js_polkit; + + JS_DestroyContext (authority->priv->cx); + /* JS_ShutDown (); */ diff --git a/SOURCES/polkit-0.115-move-to-mozjs60.patch b/SOURCES/polkit-0.115-move-to-mozjs60.patch new file mode 100644 index 0000000..1c7e7d9 --- /dev/null +++ b/SOURCES/polkit-0.115-move-to-mozjs60.patch @@ -0,0 +1,148 @@ +diff --git a/configure.ac b/configure.ac +index 5c37e481147466fd5a3a0a6b814f20fd2fe6bce8..5cedb4eca980f050fb5855ab577e93100adf8fec 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -79,7 +79,7 @@ PKG_CHECK_MODULES(GLIB, [gmodule-2.0 gio-unix-2.0 >= 2.30.0]) + AC_SUBST(GLIB_CFLAGS) + AC_SUBST(GLIB_LIBS) + +-PKG_CHECK_MODULES(LIBJS, [mozjs-52]) ++PKG_CHECK_MODULES(LIBJS, [mozjs-60]) + + AC_SUBST(LIBJS_CFLAGS) + AC_SUBST(LIBJS_CXXFLAGS) +diff --git a/src/polkitbackend/polkitbackendjsauthority.cpp b/src/polkitbackend/polkitbackendjsauthority.cpp +index 76027149d4dfdc54064be48a3aeafeec8326a67b..984a0f0e579d51c09117f4e495b0c3fdc46fe61b 100644 +--- a/src/polkitbackend/polkitbackendjsauthority.cpp ++++ b/src/polkitbackend/polkitbackendjsauthority.cpp +@@ -150,18 +150,17 @@ G_DEFINE_TYPE (PolkitBackendJsAuthority, polkit_backend_js_authority, POLKIT_BAC + /* ---------------------------------------------------------------------------------------------------- */ + + static const struct JSClassOps js_global_class_ops = { +- NULL, +- NULL, +- NULL, +- NULL, +- NULL, +- NULL, +- NULL, +- NULL, +- NULL, +- NULL, +- NULL, +- NULL ++ nullptr, // addProperty ++ nullptr, // deleteProperty ++ nullptr, // enumerate ++ nullptr, // newEnumerate ++ nullptr, // resolve ++ nullptr, // mayResolve ++ nullptr, // finalize ++ nullptr, // call ++ nullptr, // hasInstance ++ nullptr, // construct ++ JS_GlobalObjectTraceHook + }; + + static JSClass js_global_class = { +@@ -172,18 +171,17 @@ static JSClass js_global_class = { + + /* ---------------------------------------------------------------------------------------------------- */ + static const struct JSClassOps js_polkit_class_ops = { +- NULL, +- NULL, +- NULL, +- NULL, +- NULL, +- NULL, +- NULL, +- NULL, +- NULL, +- NULL, +- NULL, +- NULL ++ nullptr, // addProperty ++ nullptr, // deleteProperty ++ nullptr, // enumerate ++ nullptr, // newEnumerate ++ nullptr, // resolve ++ nullptr, // mayResolve ++ nullptr, // finalize ++ nullptr, // call ++ nullptr, // hasInstance ++ nullptr, // construct ++ nullptr // trace + }; + + static JSClass js_polkit_class = { +@@ -469,19 +467,18 @@ polkit_backend_js_authority_constructed (GObject *object) + + { + JS::CompartmentOptions compart_opts; +- compart_opts.behaviors().setVersion(JSVERSION_LATEST); ++ + JS::RootedObject global(authority->priv->cx); + + authority->priv->js_global = new JS::Heap (JS_NewGlobalObject (authority->priv->cx, &js_global_class, NULL, JS::FireOnNewGlobalHook, compart_opts)); + + global = authority->priv->js_global->get (); +- +- if (global == NULL) ++ if (!global) + goto fail; + + authority->priv->ac = new JSAutoCompartment(authority->priv->cx, global); + +- if (authority->priv->ac == NULL) ++ if (!authority->priv->ac) + goto fail; + + if (!JS_InitStandardClasses (authority->priv->cx, global)) +@@ -493,7 +490,7 @@ polkit_backend_js_authority_constructed (GObject *object) + + polkit = authority->priv->js_polkit->get (); + +- if (polkit == NULL) ++ if (!polkit) + goto fail; + + if (!JS_DefineProperty(authority->priv->cx, global, "polkit", polkit, JSPROP_ENUMERATE)) +@@ -504,7 +501,7 @@ polkit_backend_js_authority_constructed (GObject *object) + js_polkit_functions)) + goto fail; + +- JS::CompileOptions options(authority->priv->cx, JSVERSION_UNKNOWN); ++ JS::CompileOptions options(authority->priv->cx); + JS::RootedValue rval(authority->priv->cx); + if (!JS::Evaluate (authority->priv->cx, + options, +@@ -684,7 +681,9 @@ set_property_strv (PolkitBackendJsAuthority *authority, + JS::AutoValueVector elems(authority->priv->cx); + guint n; + +- elems.resize(value->len); ++ if (!elems.resize(value->len)) ++ g_error ("Unable to resize vector"); ++ + for (n = 0; n < value->len; n++) + { + const char *c_string = (const char *) g_ptr_array_index(value, n); +@@ -741,7 +740,7 @@ subject_to_jsval (PolkitBackendJsAuthority *authority, + GError **error) + { + gboolean ret = FALSE; +- JS::CompileOptions options(authority->priv->cx, JSVERSION_UNKNOWN); ++ JS::CompileOptions options(authority->priv->cx); + const char *src; + JS::RootedObject obj(authority->priv->cx); + pid_t pid; +@@ -868,7 +867,7 @@ action_and_details_to_jsval (PolkitBackendJsAuthority *authority, + GError **error) + { + gboolean ret = FALSE; +- JS::CompileOptions options(authority->priv->cx, JSVERSION_UNKNOWN); ++ JS::CompileOptions options(authority->priv->cx); + const char *src; + JS::RootedObject obj(authority->priv->cx); + gchar **keys; + diff --git a/SOURCES/polkit-0.115-pkttyagent-tcsaflush-batch-erase.patch b/SOURCES/polkit-0.115-pkttyagent-tcsaflush-batch-erase.patch new file mode 100644 index 0000000..3dec108 --- /dev/null +++ b/SOURCES/polkit-0.115-pkttyagent-tcsaflush-batch-erase.patch @@ -0,0 +1,12 @@ +diff -up ./src/programs/pkttyagent.c.ori ./src/programs/pkttyagent.c +--- ./src/programs/pkttyagent.c.ori 2019-09-27 14:14:35.096310576 +0200 ++++ ./src/programs/pkttyagent.c 2019-09-27 14:14:56.988586737 +0200 +@@ -55,7 +55,7 @@ static void tty_handler(int signal) + + if (tty_flags_saved) + { +- tcsetattr (fileno (tty), TCSAFLUSH, &ts); ++ tcsetattr (fileno (tty), TCSADRAIN, &ts); + } + + kill(getpid(), signal); diff --git a/SOURCES/polkit-0.115-pkttyagent-tty-echo-off-on-fail.patch b/SOURCES/polkit-0.115-pkttyagent-tty-echo-off-on-fail.patch new file mode 100644 index 0000000..67e4b61 --- /dev/null +++ b/SOURCES/polkit-0.115-pkttyagent-tty-echo-off-on-fail.patch @@ -0,0 +1,94 @@ +commit bfb722bbe5a503095cc7e860f282b142f5aa75f1 +Author: Jan Rybar +Date: Fri Mar 15 16:07:53 2019 +0000 + + pkttyagent: PolkitAgentTextListener leaves echo tty disabled if SIGINT/SIGTERM + + If no password is typed into terminal during authentication raised by PolkitAgentTextListener, pkttyagent sends kill (it receives from systemctl/hostnamectl e.g.) without chance to restore echoing back on. This cannot be done in on_request() since it's run in a thread without guarantee the signal is distributed there. + +diff --git a/src/programs/pkttyagent.c b/src/programs/pkttyagent.c +index 3f324b8..3c8d502 100644 +--- a/src/programs/pkttyagent.c ++++ b/src/programs/pkttyagent.c +@@ -25,11 +25,44 @@ + + #include + #include ++#include ++#include + #include + #include + #define POLKIT_AGENT_I_KNOW_API_IS_SUBJECT_TO_CHANGE + #include + ++ ++static volatile sig_atomic_t tty_flags_saved; ++struct termios ts; ++FILE *tty = NULL; ++struct sigaction savesigterm, savesigint, savesigtstp; ++ ++ ++static void tty_handler(int signal) ++{ ++ switch (signal) ++ { ++ case SIGTERM: ++ sigaction (SIGTERM, &savesigterm, NULL); ++ break; ++ case SIGINT: ++ sigaction (SIGINT, &savesigint, NULL); ++ break; ++ case SIGTSTP: ++ sigaction (SIGTSTP, &savesigtstp, NULL); ++ break; ++ } ++ ++ if (tty_flags_saved) ++ { ++ tcsetattr (fileno (tty), TCSAFLUSH, &ts); ++ } ++ ++ kill(getpid(), signal); ++} ++ ++ + int + main (int argc, char *argv[]) + { +@@ -74,6 +107,8 @@ main (int argc, char *argv[]) + GMainLoop *loop = NULL; + guint ret = 126; + GVariantBuilder builder; ++ struct sigaction sa; ++ const char *tty_name = NULL; + + /* Disable remote file access from GIO. */ + setenv ("GIO_USE_VFS", "local", 1); +@@ -212,6 +247,27 @@ main (int argc, char *argv[]) + } + } + ++/* Bash leaves tty echo disabled if SIGINT/SIGTERM comes to polkitagenttextlistener.c::on_request(), ++ but due to threading the handlers cannot take care of the signal there. ++ Though if controlling terminal cannot be found, the world won't stop spinning. ++*/ ++ tty_name = ctermid(NULL); ++ if (tty_name != NULL) ++ { ++ tty = fopen(tty_name, "r+"); ++ } ++ ++ if (tty != NULL && !tcgetattr (fileno (tty), &ts)) ++ { ++ tty_flags_saved = TRUE; ++ } ++ ++ memset (&sa, 0, sizeof (sa)); ++ sa.sa_handler = &tty_handler; ++ sigaction (SIGTERM, &sa, &savesigterm); ++ sigaction (SIGINT, &sa, &savesigint); ++ sigaction (SIGTSTP, &sa, &savesigtstp); ++ + loop = g_main_loop_new (NULL, FALSE); + g_main_loop_run (loop); + diff --git a/SPECS/polkit.spec b/SPECS/polkit.spec index 407b82f..9f22b90 100644 --- a/SPECS/polkit.spec +++ b/SPECS/polkit.spec @@ -1,12 +1,12 @@ # Only enable if using patches that touches configure.ac, # Makefile.am or other build system related files # -#define enable_autoreconf 1 +%define enable_autoreconf 1 Summary: An authorization framework Name: polkit Version: 0.115 -Release: 6%{?dist} +Release: 11%{?dist} License: LGPLv2+ URL: http://www.freedesktop.org/wiki/Software/polkit Source0: http://www.freedesktop.org/software/polkit/releases/%{name}-%{version}.tar.gz @@ -20,6 +20,11 @@ Patch3: polkit-0.115-polkitagentlistener-res-leak.patch Patch4: polkit-0.115-spawning-zombie-processes.patch Patch5: polkit-0.115-CVE-2018-19788.patch Patch6: polkit-0.115-CVE-2019-6133.patch +Patch7: polkit-0.115-pkttyagent-tty-echo-off-on-fail.patch +Patch8: polkit-0.115-allow-uid-of-1.patch +Patch9: polkit-0.115-move-to-mozjs60.patch +Patch10: polkit-0.115-jsauthority-memleak.patch +Patch11: polkit-0.115-pkttyagent-tcsaflush-batch-erase.patch BuildRequires: gcc-c++ @@ -30,7 +35,7 @@ BuildRequires: gtk-doc BuildRequires: intltool BuildRequires: gobject-introspection-devel BuildRequires: systemd, systemd-devel -BuildRequires: pkgconfig(mozjs-52) +BuildRequires: pkgconfig(mozjs-60) BuildRequires: git %if 0%{?enable_autoreconf} @@ -114,7 +119,7 @@ export LDFLAGS='-pie -Wl,-z,now -Wl,-z,relro' --disable-static \ --enable-introspection \ --disable-examples \ - --enable-libsystemd-login=yes --with-mozjs=mozjs-17.0 + --enable-libsystemd-login=yes make V=1 %install @@ -185,6 +190,28 @@ exit 0 %{_libdir}/girepository-1.0/*.typelib %changelog +* Mon Nov 04 2019 Jan Rybar - 0.115-11 +- pkttyagent: resetting terminal erases rest of input line +- Resolves: rhbz#1757853 + +* Tue Oct 29 2019 Jan Rybar - 0.115-10 +- Fix of jasuthority memleak +- Resolves: rhbz#1745918 + +* Tue Sep 10 2019 Jan Rybar - 0.115-9 +- Rebuild to reflect mozjs60 s390 abi change +- Related: rhbz#1746889 + +* Thu Jun 13 2019 Jan Rybar - 0.115-8 +- Backport changing dependency to mozjs60 +- Resolves: rhbz#1729416 + +* Thu Jun 13 2019 Jan Rybar - 0.115-7 +- pkttyagent: polkit-agent-helper-1 timeout leaves tty echo disabled +- Mitigation of regression caused by fix of CVE-2018-19788 +- Resolves: rhbz#1693781 +- Resolves: rhbz#1693814 + * Mon Jan 21 2019 Jan Rybar - 0.115-6 - Fix of CVE-2019-6133, PID reuse via slow fork - Resolves: rhbz#1667778